[jira] [Updated] (HIVE-26391) [CVE-2020-36518] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.0 to 2.13.2.1+ to fix the vulnerability.

ASF GitHub Bot (Jira) Wed, 13 Jul 2022 23:43:06 -0700


     [ 
https://issues.apache.org/jira/browse/HIVE-26391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


ASF GitHub Bot updated HIVE-26391:
----------------------------------
    Labels: pull-request-available  (was: )

> [CVE-2020-36518] Upgrade com.fasterxml.jackson.core:jackson-databind from 
> 2.13.0 to 2.13.2.1+ to fix the vulnerability.
> -----------------------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-26391
>                 URL: https://issues.apache.org/jira/browse/HIVE-26391
>             Project: Hive
>          Issue Type: Bug
>          Components: Hive
>            Reporter: Aman Raj
>            Assignee: Aman Raj
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> jackson-databind is a data-binding package for the Jackson Data Processor. 
> jackson-databind allows a Java stack overflow exception and denial of service 
> via a large depth of nested objects.
> Upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.0 to 2.13.2.1+ 
> to fix the vulnerability.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (HIVE-26391) [CVE-2020-36518] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.0 to 2.13.2.1+ to fix the vulnerability.

Reply via email to